<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <link href="../style/main.css" type="text/css" rel="stylesheet">
        <link href="../style/salesperson.css" type="text/css" rel="stylesheet">
        <script type="text/javascript" src="../script/jquery-1.8.2.js"></script>
        <script type="text/javascript" src="../script/js1.js"></script>
        <title></title>
    </head>
    <body>
        <header>
        <?php
        session_start();
        mysql_connect("localhost:3306", "root", "16886611");
        mysql_select_db("digitalsales");
        
        if(isset($_GET["action"])){
            if($_GET["action"]=="logout"){
               $_SESSION["manager"]=NULL;
            }
        }
        if(!isset($_SESSION["manager"])||$_SESSION["manager"]==NULL){
            echo '<ul>
                 <li>
                    <p>YOU HAVE NOT LOGGED IN YET</p>
                  </li>
                </ul>';
        }else{
            echo '<ul>
                <li id="logout">
                  <p><a href="index.php?action=logout">Log out</a></p>
                </li>
                  <li>
                    <p>Welcome back,'.$_SESSION["manager"].'!</p>
                  </li>
                </ul>';
        }
        
        ?>
        </header>
        <?php
        if(!isset($_SESSION["salesman"])||$_SESSION["salesman"]==NULL){
            echo '<div id="slogin" class="Mainpanel">';
            echo '<div style="width:100px;height: 50px;overflow: visible">
                        <img src="../images/mlogin.png" style="width: 800px;height: 150px;margin-left: -100px;margin-top: -75px">
                    </div>';
            echo '<form id="form1" name="form1" method="POST" action="">
                    <label>Username:
                        <input class="textArea" name="username" type="TEXT" id="name">
                    </label><br/>
                    <label>Password:&nbsp;
                        <input class="textArea" name="password" type="password" id="password">
                    </label><br/>
                    <input class="Button" type="submit" name="submit" value="Log in">
                </form>';
            if(isset($_SESSION["error"])&&$_SESSION["error"]!=NULL){
                echo '<p class="error">'.$_SESSION["error"].'</p>';
                $_SESSION["error"]=NULL;
            }
            echo '</div>';
        }else{
            
        }
        if(isset ($_POST["username"]) and $_POST["username"]!=""and isset ($_POST["password"]) and $_POST["password"]!=""){
                $usr=$_POST["username"];
                $pass=$_POST["password"];
                $sql="select * from `employees` where `account`='".$usr."' and `password`='".$pass."' and position<>'salesperson';";
                $result=mysql_query($sql);
                $num=mysql_num_rows($result);
                mysql_free_result($result);
                if($num==0){
                    $_SESSION["error"]="Invalid username or password!";
                    echo '<meta http-equiv="refresh" content="0;url=index.php" />';
                }else{
                    $_SESSION["error"]=NULL;
                    $_SESSION["manager"]=$usr;
                    $sql2="select position from employees where account='".$usr."'";
                    $result2=mysql_query($sql2);
                    while ($res2=mysql_fetch_row($result2)){
                         if($res2[0]=="STOREMANAGER"){
                             $sql3="select name from stores where manager='".$usr."'";
                             $result3=mysql_query($sql3);
                             while ($res3=mysql_fetch_row($result3)){
                                 $_SESSION["store"]=$res3[0];
                             }
                             header("location:StoreManager.php");
                         }
                         if($res2[0]=="REGIONMANAGER"){
                             $sql4="select name from regions where manager='".$usr."'";
                             $result4=mysql_query($sql4);
                             while ($res4=mysql_fetch_row($result4)){
                                 $_SESSION["region"]=$res4[0];
                             }
                             header("location:RegionManager.php");
                         }
                         if($res2[0]=="TOPMANAGER"){
                             header("location:TopManager.php");
                         }
                     }
                }
            }
        ?>
    </body>
</html>